MiniWeb 0.8.19 Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34563/info MiniWeb is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a...

paBugs <= 2.0 Beta 3 (main.php cid) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; if@ARGV 4 usage; exit; $host = $ARGV0; Host $path = $ARGV1; Path to paBugs directory $pref = $ARGV2; prefix for admin tables $usid = $ARGV3; user id $www = new LWP::UserAgent; $sql =...

Zemana AntiLogger AntiLog32.sys <= 1.5.2.755 Local Privilege Escalation Vulnerability

No description provided by source. Zemana AntiLogger AntiLog32.sys = 1.5.2.755 Local Privilege Escalation Vulnerability VULNERABLE PRODUCTS Zemana AntiLogger =1.9.2.2.206 DETAILS: AntiLog32.sys create a device called \Device\AntiLog32 , and handles DeviceIoControl request IoControlCode = 0x800020...

LibEXIF 0.6.x - Exif_Data_Load_Data_Entry Remote Integer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23927/info The libexif library is prone to an integer-overflow vulnerability because the software fails to properly ensure that integer math operations do not result in overflows. Successful exploits of this vulnerability...

Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23142/info The Linux kernel is prone to a NULL-pointer dereference vulnerability. A local attacker can exploit this issue to crash the affected application, denying service to legitimate users. The attacker may also be ab...

Irfan Skiljan IrfanView32 3.0.7 Image File Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/781/info IrfanView32, a freeware image viewer, has a problem in the handling of Adobe Photoshop generated jpegs. If a .jpg file is opened for viewing that contains the Adobe Photoshop marker in the header 8BPS followed by...

TinyIdentD <= 2.2 - Remote Buffer Overflow Exploit

No description provided by source. tinyidentd exploit code by thomas . pollet at gmail . com bug by Maarten Boone usage: python exploit.py target import socket,sys jmp into nop sled payload = '\xeb\x20' ident crap payload += ', 28 : USERID : UNIX : ' nop sled payload +='XXXX' jmp %esi payload +=...

VirtualDJ Trial 6.0.6 "New Year Edition" - .m3u Exploit (0day)

No description provided by source. /VirtualDJ Trial v6.0.6 New Year Edition PC 0day This is a poc for the latest VJ by fl0 fl0w Author: fl0 fl0w Tested on: Windows xp sp2 Code : exploit code/ includestdio.h includewindows.h includestring.h includegetopt.h includeunistd.h /----prototypes---/ int...

ViRobot Desktop 5.5 and Server 3.5 <= 2008.8.1.1 - Privilege Escalation Vulnerability

No description provided by source. Hauri ViRobot Desktop 5.5 & ViRobot Server 3.5 VRsecos.sys =2008.8.1.1 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS Hauri ViRobot Desktop 5.5 and below Hauri ViRobot Server 3.5 and below DETAILS:...

Contrexx Shopsystem <= 2.2 SP3 (catId) - Blind SQL Injection

No description provided by source. !/usr/bin/php ?php / Exploit title: Contrexx Shopsystem Blind SQL Injection Exploit Exploit written by: Penguin Exploit: index.php?section=shop&catId=VALID categoryid and YOUR BLIND SQL CODE Exploit tested on: Debian 6, Ubuntu Linux 11.04 Software price: abount...

MusicDaemon <= 0.0.3 - Remote DoS and /etc/shadow Stealer (2)

No description provided by source. / MusicDaemon = 0.0.3 v2 Remote /etc/shadow Stealer / DoS Vulnerability discovered by: Tal0n 05-22-04 Exploit code by: Tal0n 05-22-04 Greets to: atomix, vile, ttl, foxtrot, uberuser, d4rkgr3y, blinded, wsxz, serinth, phreaked, h3x4gr4m, xaxisx, hex, phawnky,...

e107 0.7.x 'e107_admin/banner.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39609/info e107 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM Exploit

No description provided by source. !/usr/bin/python tiv-sys.py IBM Tivoli Endpoint 4.1.1 Remote SYSTEM Exploit Jeremy Brown 0xjbrown41-gmail-com June 2011 Discovered by: Brian Adeloye of Tenable Network Security This exploit makes use of two vulnerabilities: 1 Base64 authentication credentials...

Power Audio Editor 7.4.3.230 - (.cda) Denial of Service Vulnerability

No description provided by source. Title: Power Audio Editor .cda Denial of service vulnerability Author : anT!-Tr0J4n Email : D3v-PoinTathotmaild0tcom & C1EHatHotmaild0tcom Greetz : Dev-PoinT.com inj3ct0r.com all DEV-PoinT t34m thanks : r0073r ; Sid3^effects ; L0rd CrusAd3r ; all Inj3ct0r 31337...

UCenter Home 2.0 - SQL Injection Vulnerability

No description provided by source. --==UCenter Home 2.0 -0day Remote SQL Injection Vulnerability==-- / Author : KnocKout / Greatz : DaiMon,BARCOD3,RiskY and iranian hackers / Contact: [email protected] / Cyber-Warrior.org/CWKnocKout --==--==--==--==--==--==--==--==--==--== Script : UCenter Home...

Video Games Rentals Script - SQL Injection Vulnerability

No description provided by source. Exploit Title: video games rentals Script SQL injection Vulnerability Date: 11/02/2010 Author: JaMbA Software Link: N/A Version: all version Tested on: Windows & Linux CVE : ::::::::::::::::::::::::: Exploit Title : video games rentals Script SQL injection...

Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005)

No description provided by source. / For Remote Exploration hint: http://www.spyinstructors.com/atmaca/research/wmpremotepoc.asx / / Windows Media Player BMP Heap Overflow MS06-005 Bug discovered by eEye - http://www.eeye.com/html/research/advisories/AD20060214.html Exploit coded by ATmaCA Web:...

ESTsoft ALYac Anti-Virus 1.5 <= 5.0.1.2 - Privilege Escalation Vulnerability

No description provided by source. ESTsoft ALYac Anti-Virus 1.5 with AYDrvNT.sys = 5.0.1.2 Local Kernel Mode Privilege Escalation Vulnerability AUTHOR MJ0011 EMAIL thdecoder$126.com VULNERABLE PRODUCTS ALYac Anti-Virus 1.5 DETAILS: AYDrvNT.sys create a device called AYDrvNTALYAC , and handles the...

CREAR ALMail32 1.10 Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/574/info The ALMail32 POP3 client conatins unchecked buffers in the header parsing code. An abnormally long FROM: or TO: field in the header of an incoming email will overwrite the buffer and allow arbitrary code to be...

WordPress Bannerman 0.2.4 Cross Site Scripting

Exploit Title : Wordpress bannerman.0.2.4 Cross Site Scripting Exploit Author : Ashiyane Digital Security Team Vendor Homepage : http://wordpress.org/plugins/bannerman/ Software Link : http://downloads.wordpress.org/plugin/bannerman.0.2.4.zip Date : 2014-06-27 Tested on : Windows 7 / Mozilla...